
<?php

			
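// Handle the "change e-mail and password" form submission.
//
// NOTE(review): $user_id is not assigned anywhere in this file. It must be derived from
// the authenticated session, never from request data -- confirm where this file is included.
// NOTE(review): the visible code checks neither an anti-CSRF token nor the current
// password before changing credentials; both are worth adding at this entry point.
// NOTE(review): the passwords go through in(), so the value that is_pass() length-checks
// and hashes is the HTML-/slash-escaped form, not the raw input. The login code
// presumably does the same; verify before changing either side.
if (isset($_POST['password_submit']))
{
	// A missing or non-string field (e.g. "newMail[]=x") is treated as '' so that
	// is_pass() reports it as an unfilled field instead of raising notices or type errors.
	$rawMail = (isset($_POST['newMail']) && is_string($_POST['newMail'])) ? $_POST['newMail'] : '';
	$rawPassword = (isset($_POST['newPassword']) && is_string($_POST['newPassword'])) ? $_POST['newPassword'] : '';
	$rawRePassword = (isset($_POST['reNewPassword']) && is_string($_POST['reNewPassword'])) ? $_POST['reNewPassword'] : '';

	$newMail = in($rawMail, true);
	$newPassword = in($rawPassword, true);
	$reNewPassword = in($rawRePassword, true);

	is_pass($newMail, $newPassword, $reNewPassword, $user_id);
}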
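/**
 * Escape request data for later use in HTML output and in quoted SQL string literals.
 *
 * Strings are HTML-escaped with htmlspecialchars(), trimmed, and then passed through
 * addslashes() when $force is true or magic_quotes_gpc is off. Arrays are processed
 * recursively (keys are left untouched); any other type is returned unchanged.
 *
 * NOTE(review): one function is doing two context-specific jobs. addslashes() is not
 * charset-aware and only protects values placed inside quoted SQL literals; it does
 * nothing for values interpolated unquoted (numeric ids). Prefer parameterized queries,
 * and escape for HTML at output time rather than at input time.
 *
 * @param mixed $data  Value to escape: a string, an array of values, or anything else.
 * @param bool  $force When true, always apply addslashes(), even if magic quotes are on.
 * @return mixed The escaped string/array, or $data unchanged for other types.
 */
function in($data,$force=false)
{
	if (is_array($data))
	{
		foreach ($data as $key => $value)
		{
			// Pass $force down so nested values are escaped exactly like top-level strings.
			$data[$key] = in($value, $force);
		}
		return $data;
	}

	if (!is_string($data))
	{
		return $data;
	}

	// Neutralise HTML metacharacters (guards against injected markup / XSS).
	$data = trim(htmlspecialchars($data));

	// get_magic_quotes_gpc() was removed in PHP 8.0; when it is absent, magic quotes are
	// off by definition, so the value still needs escaping.
	if ($force == true || !(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()))
	{
		// Backslash-escape quotes and backslashes for use inside a quoted SQL literal.
		$data = addslashes($data);
	}

	return $data;
}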


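/**
 * Validate a new e-mail address and password for a user and, if valid, store them.
 *
 * Checks run in this order: all fields present, e-mail format, e-mail not already
 * registered, password length (6-15 bytes), password confirmation. Each failure echoes
 * an HTML <span> message. On success the row is updated, $_SESSION['login_mail'] is
 * refreshed from the database and a success message is echoed.
 *
 * NOTE(review): unsalted md5() is not suitable for password storage. Moving to
 * password_hash()/password_verify() needs a coordinated change in the login code and
 * probably the user_pass column width, neither of which is visible here.
 * NOTE(review): "or die(mysql_error())" prints database error text to the client;
 * log it server-side and show a generic message instead.
 * NOTE(review): the uniqueness SELECT followed by UPDATE is not atomic; a UNIQUE index
 * on user_mail (if not already present) would enforce it in the database.
 * NOTE(review): consider session_regenerate_id(true) after a credential change.
 *
 * @param string     $newMail       New e-mail address (already escaped by the caller).
 * @param string     $newPassword   New password.
 * @param string     $reNewPassword Password confirmation.
 * @param int|string $user_id       Id of the row in food_user_basic to update.
 * @return bool True when the credentials were updated, false otherwise.
 */
function is_pass($newMail,$newPassword,$reNewPassword,$user_id)
{
	if (empty($newMail) || empty($newPassword) || empty($reNewPassword))
	{
		echo '<span style="color:red;" id="login_fail_tip">请填完新邮箱和新密码</span>';
		return false;
	}

	// The pattern itself requires an '@' and a dotted domain, so it subsumes the former
	// strpos() pre-checks; both failure paths printed the same message.
	$chars = "/^([a-z0-9+_]|\\-|\\.)+@(([a-z0-9_]|\\-)+\\.)+[a-z]{2,6}\$/i";
	if (!is_string($newMail) || !preg_match($chars, $newMail))
	{
		echo '<span style="color:red;" id="login_fail_tip">邮箱格式错误</span>';
		return false;
	}

	// Interpolating $newMail is tolerable only because the pattern above restricts it to
	// letters, digits and "+_-.@"; any loosening of the pattern must add real escaping.
	$sql_pass = mysql_query("select id from food_user_basic where user_mail = '$newMail'") or die(mysql_error());
	if (mysql_num_rows($sql_pass) !== 0)
	{
		echo '<span style="color:red;" id="login_fail_tip">邮箱已被注册</span>';
		return false;
	}

	$passwordLength = strlen($newPassword);
	$confirmLength = strlen($reNewPassword);
	if ($passwordLength < 6 || $passwordLength > 15 || $confirmLength < 6 || $confirmLength > 15)
	{
		echo '<span style="color:red;" id="login_fail_tip">密码长度请保持在6-15位的数字或者字符</span>';
		return false;
	}

	// Strict string comparison: with "==" PHP compares numeric-looking strings as numbers,
	// so e.g. "100000" and "1e5" would be accepted as a matching confirmation.
	if ((string)$newPassword !== (string)$reNewPassword)
	{
		echo '<span style="color:red;" id="login_fail_tip">密码重复输入不一致</span>';
		return false;
	}

	// The id is placed unquoted in SQL, so force it to an integer before interpolation.
	$userId = (int)$user_id;
	$query_new = mysql_query("select `id` from food_user_basic where id = $userId") or die(mysql_error());
	$row_new = mysql_fetch_array($query_new);
	if (!$row_new)
	{
		// No such user: nothing to update, and the follow-up queries would be malformed.
		return false;
	}
	$userId = (int)$row_new['id'];

	$passwordHash = md5($newPassword);

	// One statement so the mail and the password change together or not at all.
	$modify = "update food_user_basic set `user_mail` = '$newMail', `user_pass` = '$passwordHash' where id = $userId";
	if (!mysql_query($modify))
	{
		return false;
	}

	// Re-read the stored address so the session reflects what the database now holds.
	$query_new_1 = mysql_query("select `user_mail` from food_user_basic where id = $userId") or die(mysql_error());
	$row_new_1 = mysql_fetch_array($query_new_1);
	$_SESSION['login_mail'] = $row_new_1['user_mail'];

	echo '<span style="color:red;" id="login_fail_tip">修改成功，下次可以直接使用该账号密码登陆</span>';
	return true;
}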
	






  

?>

